EFF and the ACLU of Northern California urged a California appeals court last week to reverse a judge’s wrongheaded and dangerous ruling that threatens the critical privacy protections afforded by the California Electronic Communications Privacy Act (CalECPA), the most robust digital privacy measure in the country.

The law, which garnered bipartisan support, requires police to obtain a warrant from a neutral judge to search stored communications such as email, text messages, location data, or documents, whether they are on an electronic device or in the cloud. Warrants must describe in detail the information to be seized, specifying time periods for the search, target individuals or accounts, and the type of information sought. Anything collected that’s not relevant to what’s described in the warrant can’t be reviewed, used, or disclosed, and must be sealed. These requirements are more specific and extensive than what's currently required by the Fourth Amendment. California law enforcement agencies said CalECPA struck the correct balance between their need to obtain electronic communication to investigate criminal activities and the privacy interests people have over their email, texts, documents, and other digital communications.

Violations of CalECPA carry appropriately severe consequences for law enforcement: suppression and deletion of information obtained without a warrant as provided by the law. Prosecutors who collect electronic communications stored on a laptop or in the cloud absent a warrant that meets the requirements of CalECPA lose the ability to use information as evidence.

The message of the suppression of evidence provision of CalECPA is clear: you abuse it, and you lose it.

A few weeks after CalECPA went into effect, a Monterey County Superior Court judge issued a search warrant that authorized an effectively unlimited search, seizure, and extraction of electronic devices and information from a dentist’s office. In violation of CalECPA, the warrant authorized seizure of any and all computers, cellphones, and electronic accounts without limitation or specifying that they be possessed by the person who was under investigation. This is precisely what CalECPA was designed to prevent. The dentist was later charged with possession of child pornography based on evidence gathered under the faulty warrant.

When the defendant’s attorneys sought to have the evidence thrown out because the warrant violated the statute, the Monterey County judge agreed that CalECPA had not been complied with, but refused to do so. The judge concluded that CalECPA’s requirements were no stricter than those found under the U.S. and state constitutions (not true), and even if the warrant failed to meet the requirements, suppression of the evidence was not appropriate.

Our brief lays out in detail how wrong the judge got it. The ruling was a dramatic error that, if upheld, would eviscerate CalECPA’s privacy protections, and set a dangerous precedent allowing prosecutors to attempt to skirt CalECPA’s requirements. The statute’s robust enforcement provisions and remedies would be rendered toothless.

Courts are required to follow the law—new laws, old laws, it doesn’t matter. This court’s erroneous ruling must be reversed to protect the privacy rights of all Californians.

Related Updates

The full weight of U.S. policing has descended upon protesters across the country as people take to the streets to denounce the police killings of Breonna Taylor, George Floyd, and countless others who have been subjected to police violence. Along with riot shields, tear gas, and other crowd control...

Your phone is your life. It’s where you communicate, get your news, take pictures and videos of your loved ones, relax and play games, and find a significant other. It can track your health, give you directions, remind you of events, and much more. It’s an incredibly helpful tool, but...

EFF has joined a broad coalition of civil liberties, civil rights, and labor advocates to oppose A.B. 2261, which threatens to normalize the increased use of face surveillance of Californians where they live and work. Our allies include the ACLU of California, Oakland Privacy, the California Employment Lawyers Association, Service...

In the wake of nationwide protests against the police killings of George Floyd and Breonna Taylor, we urge protestors to stay safe, both physically and digitally. Our Surveillance Self Defense (SSD) Guide on attending a protest offers practical tips on how to maintain your privacy and minimize your digital...

With states beginning to ease shelter-in-place restrictions, the conversation on COVID-19 has turned to questions of when and how we can return to work, take kids to school, or plan air travel.Several countries and U.S. states, including the UK, Italy, Chile, Germany, and California, have expressed interest in...

When it comes to surveillance of our online lives, Internet service providers (ISPs) are some of the worst offenders. Last year, the state of Maine passed a law targeted at the harms ISPs do to their customers when they use and sell their personal information. Now that law is...

COVID-19, and containment efforts that rely on personal data, are shining a spotlight on a longstanding problem: our nation’s lack of sufficient laws to protect data privacy. Two bills before Congress attempt to solve this problem as to COVID-19 data. One is a good start that needs improvements. The other...

In a landmark decision, the German Constitutional Court has ruled that mass surveillance of telecommunications outside of Germany conducted on foreign nationals is unconstitutional. Thanks to the chief legal counsel, Gesellschaft für Freiheitsrechte (GFF), this a major victory for global civil liberties, but especially those that live and...